66cf64f4b8c5365efec7fc6071d07a5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66cf64f4b8c5365efec7fc6071d07a5c_JaffaCakes118
Size

538KB
MD5

66cf64f4b8c5365efec7fc6071d07a5c
SHA1

e43cf7ab6fe890b6c7001216707c0376645f1500
SHA256

a09fef2b6beef557794c4e6d3c701195aa723426da732d512bbf375dcf605c04
SHA512

7dfe8895c8c0b65e15ceb87076b3a4b07c2d597163f260b676a5a49659f03c1a95453492ab94a79ed2d87a8a8523ea699322b720a996cad1f48d992985138bce
SSDEEP

12288:BLvfxrHpoNNDmbgEeWkGlaozbpNWWZJYEjQTe:Bz9HpoObgEeClDzSWVwe

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/ha_RLPack-v1.21/Box.dll	acprotect

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ha_RLPack-v1.21/Box.dll
unpack001/ha_RLPack-v1.21/Demo.dll
unpack001/ha_RLPack-v1.21/ExecutionDemo.dll
unpack001/ha_RLPack-v1.21/Functions.dll
unpack001/ha_RLPack-v1.21/Hook.dll
unpack001/ha_RLPack-v1.21/Importer.dll
unpack001/ha_RLPack-v1.21/Protect.dll
unpack001/ha_RLPack-v1.21/RLPack_chs.exe
unpack001/ha_RLPack-v1.21/TextDemo.dll
unpack001/ha_RLPack-v1.21/TimeDemo.dll
unpack001/ha_RLPack-v1.21/TimerDemo.dll

Files

66cf64f4b8c5365efec7fc6071d07a5c_JaffaCakes118
.rar
ha_RLPack-v1.21/ASM/clearEnd.inc
ha_RLPack-v1.21/ASM/clearStart.inc
ha_RLPack-v1.21/ASM/cryptEnd.inc
ha_RLPack-v1.21/ASM/cryptStart.inc
ha_RLPack-v1.21/Box.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

PackPE32File

Sections

.packed
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ha_RLPack-v1.21/C/RLPackSDK.h
ha_RLPack-v1.21/Delphi/clearEnd.inc
ha_RLPack-v1.21/Delphi/clearStart.inc
ha_RLPack-v1.21/Delphi/cryptEnd.inc
ha_RLPack-v1.21/Delphi/cryptStart.inc
ha_RLPack-v1.21/Demo.dll
.dll windows:4 windows x86 arch:x86

d76270e15fa442b5e8aecaf89006a8ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

KillTimer
LoadIconA
SendMessageA
SetTimer
EndDialog
EnableWindow
DialogBoxParamA
GetDlgItem

kernel32

GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_Demo
RLPack_RemoveDemo

Sections

.text
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 659B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/Demo.ini
ha_RLPack-v1.21/ExecutionDemo.dll
.dll windows:4 windows x86 arch:x86

f25216ffe20657cc62544d9c4199ffd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

GetDlgItem
KillTimer
LoadIconA
MessageBoxExA
SendMessageA
SetTimer
SetWindowTextA
EndDialog
EnableWindow
DialogBoxParamA
wsprintfA
IsWindowVisible

kernel32

GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_ExecutionDemo
RLPack_RemoveDemo

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/ExecutionDemo.ini
ha_RLPack-v1.21/Functions.dll
.dll windows:4 windows x86 arch:x86

7eb8427f27c50eb0d809dd52b9ea5c50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FindWindowA

kernel32

GetModuleHandleA
VirtualAlloc
RtlMoveMemory
CloseHandle
CreateFileA
OpenMutexA

Exports

Exports

RLPack_CheckMutex
RLPack_GetWatermark
RLPack_IsDebuggerPresent
RLPack_IsPacked

Sections

.text
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/Help.chm
.chm
ha_RLPack-v1.21/Hook.dll
.dll windows:4 windows x86 arch:x86

f8b580c1349715d9d10eb55699e524f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

Exports

Exports

RLPack_FreeModule
RLPack_HookModule
RLPack_SafeFreeModule
RLPack_SafeHookModule
RLPack_SetModuleBase

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/Importer.dll
.dll windows:4 windows x86 arch:x86

0a395818bb1d82851b2626298d5a90dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
lstrlenA
CloseHandle
CreateFileA
CreateFileMappingA
FreeLibrary
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsBadCodePtr
LoadLibraryA
MapViewOfFile
lstrcpyA
RtlZeroMemory
SetEndOfFile
SetFilePointer
UnmapViewOfFile
VirtualAlloc
VirtualFree
lstrcmpA

psapi

GetModuleFileNameExA
EnumProcessModules

Exports

Exports

GetModuleVersion
ImporterAddNewAPI
ImporterAddNewDll
ImporterAutoFixIAT
ImporterAutoSearchIAT
ImporterAutoSearchIATEx
ImporterCleanup
ImporterEstimatedSize
ImporterExportIAT
ImporterFindAPIWriteLocation
ImporterGetAPIName
ImporterGetAPINameEx
ImporterGetAPINameFromDebugee
ImporterGetAddedAPICount
ImporterGetAddedDllCount
ImporterGetDLLIndexEx
ImporterGetDLLNameFromDebugee
ImporterGetRemoteAPIAddress
ImporterInit
ImporterMoveIAT
ImporterRelocateWriteLocation
ImporterSetAutoFixOptions

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/Protect.dll
.dll windows:4 windows x86 arch:x86

eca5bff7d1e639139e42688be9e7dad2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA

user32

MessageBoxExA

kernel32

lstrcpyA
lstrcmpA
CreateThread
ExitProcess
GetProcAddress
GetWindowsDirectoryA
LoadLibraryA
OpenProcess
ReadProcessMemory
RtlZeroMemory
VirtualAlloc
VirtualFree
lstrcatA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

RLPack_Protect

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 749B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/RLPack_chs.exe
.exe windows:4 windows x86 arch:x86

c85bd2624b0d8530e017912f7483a3c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyA

comctl32

InitCommonControls

comdlg32

GetSaveFileNameA
GetOpenFileNameA

kernel32

IsBadReadPtr
SetFilePointer
lstrlenA
lstrcpyA
lstrcmpA
lstrcatA
WriteFile
VirtualFree
VirtualAlloc
UnmapViewOfFile
CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
SetEndOfFile
LoadLibraryA
MapViewOfFile
MoveFileA
ReadFile
RtlMoveMemory
RtlZeroMemory
SetCurrentDirectoryA
Sleep

ole32

CoTaskMemFree

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
DragQueryFileA

user32

SetDlgItemTextA
SendMessageA
SendDlgItemMessageA
MessageBoxExA
SetWindowLongA
LoadIconA
LoadBitmapA
IsDlgButtonChecked
GetWindowTextLengthA
SetWindowPos
SetWindowTextA
ShowWindow
MessageBoxA
GetWindowTextA
GetWindowLongA
GetDlgItemTextA
GetDlgItem
FindWindowA
EndDialog
EnableWindow
DialogBoxParamA
CreateDialogParamA
CheckDlgButton
wsprintfA

Sections

.packed
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLPack
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ha_RLPack-v1.21/TextDemo.dll
.dll windows:4 windows x86 arch:x86

dd1268ec91ea09f6a8a8ddc368db6c4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

MessageBoxA

kernel32

ExitProcess
GetModuleFileNameA

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TextDemo

Sections

.text
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 523B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/TextDemo.ini
ha_RLPack-v1.21/TimeDemo.dll
.dll windows:4 windows x86 arch:x86

b887b622729db45c70ad4dc7d335d17e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

SetTimer
SetWindowTextA
SendMessageA
LoadIconA
KillTimer
IsWindowVisible
GetDlgItem
EndDialog
EnableWindow
DialogBoxParamA
wsprintfA
MessageBoxExA

kernel32

CreateFileA
GetSystemTime
GetModuleFileNameA
GetFileTime
FileTimeToSystemTime
ExitProcess
CloseHandle

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TimeDemo

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 923B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/TimeDemo.ini
ha_RLPack-v1.21/TimerDemo.dll
.dll windows:4 windows x86 arch:x86

d9e48c9205b92fa2043a228880af4236

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

SetTimer
SetWindowTextA
SendMessageA
KillTimer
GetDlgItem
EndDialog
DialogBoxParamA
wsprintfA
LoadIconA

kernel32

CreateThread
Sleep
GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TimerDemo

Sections

.text
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 733B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_RLPack-v1.21/TimerDemo.ini
ha_RLPack-v1.21/license.reg
ha_RLPack-v1.21/watermark.dat
ha_RLPack-v1.21/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.packed Size: - Virtual size: 144KB

.rsrc Size: 37KB - Virtual size: 37KB

d76270e15fa442b5e8aecaf89006a8ec

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 796B

.rdata Size: 1024B - Virtual size: 659B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 512B - Virtual size: 274B

f25216ffe20657cc62544d9c4199ffd1

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 805B

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 512B - Virtual size: 480B

7eb8427f27c50eb0d809dd52b9ea5c50

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 962B

.rdata Size: 512B - Virtual size: 445B

.data Size: 512B - Virtual size: 132B

.reloc Size: 512B - Virtual size: 60B

f8b580c1349715d9d10eb55699e524f9

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 360B

.data Size: 512B - Virtual size: 152B

.reloc Size: 512B - Virtual size: 144B

0a395818bb1d82851b2626298d5a90dc

Headers

File Characteristics

Imports

kernel32

psapi

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1KB - Virtual size: 1KB

.packed
Size: - Virtual size: 144KB

.rsrc
Size: 37KB - Virtual size: 37KB

.text
Size: 1024B - Virtual size: 796B

.rdata
Size: 1024B - Virtual size: 659B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 512B - Virtual size: 274B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 805B

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 512B - Virtual size: 480B

.text
Size: 1024B - Virtual size: 962B

.rdata
Size: 512B - Virtual size: 445B

.data
Size: 512B - Virtual size: 132B

.reloc
Size: 512B - Virtual size: 60B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 360B

.data
Size: 512B - Virtual size: 152B

.reloc
Size: 512B - Virtual size: 144B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 560B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 749B

.data
Size: 1024B - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 282B

.packed
Size: 216KB - Virtual size: 216KB

.RLPack
Size: 65KB - Virtual size: 64KB

.text
Size: 1024B - Virtual size: 544B

.rdata
Size: 1024B - Virtual size: 523B

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 116B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 923B

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1024B - Virtual size: 674B